cleantalk
Vulnerabilities and Security Researches

MW WP Form, CVE-2024-24804

CVE, Research URL

CVE-2024-24804

Home page URL

Security reports for MW WP Form

Application

MW WP Form

Published on
Feb 10, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in websoudan MW WP Form allows Stored XSS.This issue affects MW WP Form: from n/a through 5.0.6.
Affected versions
max 5.1.0.
Status
vulnerable
Previous vulnerability researches
MW WP Form (CVE-2026-5436) , Apr 13, 2026
MW WP Form (CVE-2026-4347) , Apr 13, 2026
MW WP Form (f8ff86f77b0d6ce822aaa5af5c71d680ab99821f) , Jun 06, 2024
MW WP Form (CVE-2023-6559) , Jun 06, 2024
MW WP Form (CVE-2024-24804) , Jun 06, 2024
New vulnerability
Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One (CVE-2026-48966) , Jun 10, 2026
Geo Mashup (CVE-2026-48967) , Jun 10, 2026
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms (CVE-2026-49109) , Jun 10, 2026
WP-Paginate (CVE-2021-47982) , Jun 10, 2026
Welcart e-Commerce (CVE-2026-49775) , Jun 10, 2026